Skip to main content
All CollectionsSettingsCompany Settings
Drata Open API: Get All Controls
Drata Open API: Get All Controls

This article shows how to retrieve all controls from Drata.

Updated over a year ago

HERE'S WHAT

The Drata Open API allows you to pull control records from Drata to review all of the control data in a single document. You can leverage the available GET endpoint to automate a bulk export of control data from Drata.

BEFORE DIVING IN

  • See our full API developer documentation at https://developers.drata.com/docs/.

  • Review the Find controls by search terms and filters endpoint.

  • See this help article on how to generate an API key. The full API key will only be shown once when you create the key. You will not be able to access it again. Scope the key for read access of the events data entity.

  • A rate limit of 500 requests / minute will be enforced per unique source IP.

  • Identify the query parameters by which you would like to filter controls.

  • The bulk get request aggregates all of the data entities and prints the raw data to a .json file.

  • We recommend using a formatting tool to format the .json for readability.

  • This request is made in sets of 50 items by default; adjust the request as needed.

HERE'S HOW

Bulk download control data in a .json file

  1. Create a directory for development of scripts for Drata

  2. Run npm i node-fetch in terminal (npm fetch)

  3. Run npm i lodash in terminal (npm lodash)

  4. Add "type": "module” to package.json in order for this script to run, due to the use of “import”

  5. Optional: dotenv to import the API key from environment variables, else write the API key strings in the code samples below, run npm i dotenv (npm dotenv)

This script is intended to serve as an example template. You will need to configure your local environment and adjust the code to fit your specific use case.

import fetch from 'node-fetch';
import * as dotenv from 'dotenv';
import _, { isEmpty } from 'lodash';
import * as fs from 'fs';

dotenv.config();

async function run() {
    let page = 1;
    let totalReviewed = 0;
    let totalRecords = 0;
    const allControls = [];
    const limit = 50;

    do {
        const query = new URLSearchParams({
            page: page,
            limit: limit,
        });
        query.toString()
        let controlData;
        try {
            const resp = await fetch(
                `https://public-api.drata.com/public/controls?${query}`,
                {
                  method: 'GET',
                  headers: {
                    Authorization: `Bearer ${process.env.API_KEY}`
                  }
                }
              );
            controlData = await resp.json();
        } catch (e) {
            console.log(e)
        }
        controlData = _.get(controlData, 'total');
        const controls = _.get(controlData, 'data');
        totalReviewed += controls.length
        ++page
        allControls.push(...controls);
    } while (totalReviewed < totalRecords)

    if (!isEmpty(allControls)) {
        fs.writeFile('drata-controls.json', JSON.stringify(allControls), (err) => {
            if (err)
                console.log(err);
            else {
                console.log('File written successfully\n');
            }
        })
    } else {
        console.log('No data found, adjust get request parameters\n');
    }
}

run();
Did this answer your question?